<?php
require_once($libdir . "class-phpass." . $phpEx);

$wp_prefix	    	    = $config['FORUM_DB_PREFIX'];
$users_table		    = $wp_prefix . "users";
$smilies_table		    = $dbprefix . "smilies";
$smile_pattern_field	= "code";
$smile_url_field	    = "smile_url";
$smilies_path		    = $config['FORUM_BASE_URL'] . "wp-includes/images/smilies/";
if (isset($config['FORUM_SMILIES_PATH']) && $config['FORUM_SMILIES_PATH'] != '') {
    $smilies_path       = $config['FORUM_SMILIES_PATH'];
}

function getAvatar($userinfo) {
	return FALSE;
}

function getProfileURL($userinfo) {
	global	$db2;
	global	$users_table;

	$sql	= "SELECT * FROM $users_table WHERE ID={$userinfo['user_id']}";
	print("<!-- SQL: $sql -->\n");
	print("<!-- Userinfo: "); print_r($userinfo); print(" -->\n");
        $result = $db2->sql_query($sql);
        $row	= $db2->sql_fetchrow($result);

	if ($row['user_url'] != '' && $row['user_url'] != 'http://') {
		$url	= $row['user_url'];
	} else {
		$url	= "mailto:".$row['user_email'];
	}

	return $url;
}

function checkAuth($username, $password, $modGroup, $checkAdmin) {
	// success: return user info array
	// failure: return error string
	global	$db;
	global	$db2;
	global	$users_table;
	global	$dbprefix;
	global	$wp_prefix;
    global  $config;

    $wphash = new PasswordHash(8, TRUE);
    $auth   = FALSE;
	$pw5    = md5($password);
	$sql	= "SELECT
				*
			FROM
				$users_table AS u,
				{$wp_prefix}usermeta AS m
			WHERE
				(user_login LIKE '$username' OR user_nicename LIKE '$username' OR display_name LIKE '$username') AND
				u.ID=m.user_id AND
				(m.meta_key='wp_capabilities' OR m.meta_key LIKE 'wp_%_capabilities')";

    $str_sql        = ereg_replace("\t", "", $sql);
    $str_sql        = ereg_replace("\n", " ", $str_sql);
    addToLog("authLogin: Login SQL -- $str_sql");

    $result = $db2->sql_query($sql);

    if (!$result) {
            return "Error authenticating account, please try back later.";
    }

    if (($row = $db2->sql_fetchrow($result)) == NULL) {
            addToLog("Login failed from " . $_SERVER['REMOTE_ADDR'] . " (" . $_SERVER['HTTP_USER_AGENT'] . ") -- user $username"); # -- pass $password");
            return "Error logging in: possible reasons are an invalid username or authentication failure.";
    }

    if ($row['user_pass'] == $pw5) {
        $auth   = TRUE;
    } else {
        if ($wphash->CheckPassword($password, $row['user_pass'])) {
            $auth   = TRUE;
        }
    }

    if ($auth == FALSE) {
            addToLog("Login failed from " . $_SERVER['REMOTE_ADDR'] . " (" . $_SERVER['HTTP_USER_AGENT'] . ") -- user $username -- pass ". $row['user_pass']);
            return "Error logging in: possible reasons are an invalid username or authentication failure.";
    }

    $userinfo['user_id']    = $row['ID'];
    $userinfo['username']   = $row['display_name'];
    $userinfo['moderator']  = 0;
	$userinfo['user_email']	= $row['user_email'];
	$userinfo['user_url']	= $row['user_url'];

	$capa	= unserialize($row['meta_value']);
	$capa	= array_change_key_case($capa, CASE_LOWER);

    if ($capa[$modGroup] || $capa['administrator']) {
        $userinfo['moderator']  = 1;
    }

    if ($checkAdmin && !$capa['administrator']) {
        return "Error logging in: account is not an administrator.";
    }

    $sql    = "UPDATE {$dbprefix}prefs SET user_lastvisit_chat=UNIX_TIMESTAMP(NOW()) WHERE user_id={$row['ID']}";
    $db->sql_query($sql);

	return	$userinfo;
}

function checkBoardBan($ip, $userid) {
	// returns boolean result
	return	FALSE;
}

function checkValidAlias($alias, $uid) {
	// returns boolean result
	//
	global	$db2;
	global	$users_table;

	$sql	= "SELECT * FROM $users_table WHERE (user_login LIKE '$alias' OR user_nicename LIKE '$alias' OR display_name LIKE '$alias')";
    $result = $db2->sql_query($sql);
    if (($row = $db2->sql_fetchrow($result)) != NULL) {
		if ($row['ID'] != $uid) {
            return "<b> $sql</b>";
		}
    }

	return	TRUE;
}

function showModeratorGroups($gid) {
	global	$db2;
	global	$config;

	$sql	= "SELECT option_value FROM {$config['FORUM_DB_PREFIX']}options WHERE option_name='wp_user_roles'";
	addToLog("showModeratorGroups: $sql");
	$res	= $db2->sql_query($sql);
	$row	= $db2->sql_fetchrow($res);
	$roles	= unserialize($row['option_value']);
    $groups = '';
	foreach($roles as $role => $rolev) {
		$groups .= "<option value={$role}";
		if ($gid == $role) {
			$groups .= " SELECTED";
		}
		$groups .= ">".ucfirst($role)."</option>\n";
	}
    return $groups;
}

